Significant cyber attacks in 2021, like Colonial Pipeline and JBS Meats, and a continued increase in cyber attacks in 2022 have prompted the U.S. federal government to respond, leading to the recently released memo from the Office of Management and Budget (OMB) requiring federal agencies to implement zero trust (ZT) technology by fiscal year 2024.
The government’s stated federal ZT strategy is based on the Cybersecurity and Infrastructure Security Agency’s (CISA) ZT maturity model. Let’s talk about CISA’s model and how the elements in this framework can be implemented by organizations to better secure their networks, in a move toward ZT.
What is the ZT Maturity Model?
CISA’s model is one of the many frameworks proposed to support organizations’ transitions to a zero trust architecture (ZTA). The model comprises five distinct pillars: identity, device, network, application workload, and data.
- Identity:
Identity and authentication of identity is a critical component of a ZTA. As part of ZT, organizations need to incorporate technologies that confirm and assess identity, including passwords, multi-factor authentication (MFA), and CASB systems that provide or deny access based on identity. Aurora’s parent company, Plurilock™, has a way of continuously authenticating and confirming identity based on behavioral biometrics with Plurilock DEFEND™, serving as a critical piece of the ZT puzzle.
- Device:
Device-level protection is another element of a strong ZTA. The term device includes any hardware asset that connects to a network, and encompasses mobile phones, laptops, and servers. These devices could be either corporate or BYOD. Every connected device should be logged in an inventory, secured, and prevented from unauthorized access to resources.
It is critical not only to ensure the integrity of these devices, but also to validate the identity of the users operating them. Device management includes both baseline security and visibility into these devices. Aurora offers Identity and Access Management Solutions, which ensure that sensitive information and data are only accessed by the right people at the right time.
- Network Environment:
A network environment is a communication system that ties users together within a local area network (LAN) or wide area network (WAN). For a ZTA, this internal and external flow of data needs to be controlled according to specific application workflows, avoiding traditional “implicit trust” models, like firewalls, that have been used in the past.
In this new environment, agencies need to identify which types of protection are needed and where they can be deployed to ensure that those operating within the network are continuously authenticated and assessed for risk, to mitigate the risk of insider threats. Aurora’s team of experts can help with EDR, XDR, and MDR solutions that provide rapid detection of threats and quicker response time.
- Application Workload:
An application workload consists of agency systems, computer programs, and services executed on-premises and in the cloud. Secure application delivery involves the management of both the container and application layer. CISA’s alignment to this pillar states that “agencies will need to integrate their protections more closely with their application workflows to ensure the protections have the visibility and understanding needed to provide effective security.”
- Data:
Data across devices, networks, applications, and cloud must be protected against threats. Inventory of this data should be taken continuously, and access to sensitive data needs to be closely managed in a ZTA. Learn more about how Aurora helps our customers understand their vulnerabilities by performing a data inventory audit. We then consult with them to provide data encryption solutions.
By implementing parts of CISA’s ZT model, your organization will be on the path to stronger security and preventing cyber attacks that cost significant time and money to remediate.
Aurora’s team of experts offers consulting services to help organizations transition to a ZT environment. Contact us to learn how we can improve your cybersecurity and IT infrastructure by implementing ZTA in your environment.
Learn more about how Plurilock’s zero trust continuous authentication can prepare your organization for cybersecurity challenges.
https://www.cisa.gov/sites/default/files/publications/CISA Zero Trust Maturity Model_Draft.pdf